Web App Security Literacy (Beginner Level)

Topics covered

• apply security controls to mitigate broken access control attacks
• deploy security controls to correct monitoring deficiencies
• deploy security controls to mitigate XSS attacks
• describe how security misconfigurations can be mitigated
• describe how the Heartbleed Bug compromises older versions of OpenSSL
• describe how to mitigate XXE attacks
• describe the purpose of the Open Web Application Security Project (OWASP)
• execute a denial of service (DoS) attack against a web application
• identify how broken access control attacks occur
• identify how deserialization attacks occur
• identify methods by which sensitive data exposure attacks can be mitigated
• list methods by which malicious actors can gain access to sensitive data
• list various ways that XML attacks can be executed
• mitigate injection attacks using techniques such as fuzzing and input validation and sanitization
• provide examples of security misconfigurations
• recognize how Cross-site Scripting (XSS) attacks occur
• recognize how security must be integrated into all aspects of Continuous Integration and Continuous Delivery (CI/CD)
• recognize how to deploy security controls to mitigate deserialization attacks
• recognize how to mitigate broken authentication attacks
• recognize how to securely write code
• recognize how weak authentication configurations can lead to system compromise
• recognize the importance of logging at all levels, including application logging
• recognize the relevance of web application security testing
• recognize types of injection attacks